diff --git a/Directory.Build.props b/Directory.Build.props
index 7e45356ad..e2bcc9906 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -35,6 +35,7 @@
     <EnableNETAnalyzers>true</EnableNETAnalyzers>
     <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
     <LangVersion>13</LangVersion>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(TargetFrameworkIdentifier)' == 'NET6_0_OR_GREATER'">
diff --git a/src/Microsoft.Identity.Web.Certificate/Base64EncodedCertificateLoader.cs b/src/Microsoft.Identity.Web.Certificate/Base64EncodedCertificateLoader.cs
index a9d027551..d2c634fc5 100644
--- a/src/Microsoft.Identity.Web.Certificate/Base64EncodedCertificateLoader.cs
+++ b/src/Microsoft.Identity.Web.Certificate/Base64EncodedCertificateLoader.cs
@@ -39,18 +39,22 @@ public Task LoadIfNeededAsync(CredentialDescription credentialDescription, Crede
 
         internal static X509Certificate2 LoadFromBase64Encoded(string certificateBase64, X509KeyStorageFlags x509KeyStorageFlags)
         {
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
             return new X509Certificate2(
                 Convert.FromBase64String(certificateBase64),
                 (string?)null,
                 x509KeyStorageFlags);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
         }
 
         internal static X509Certificate2 LoadFromBase64Encoded(string certificateBase64, string password, X509KeyStorageFlags x509KeyStorageFlags)
         {
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
             return new X509Certificate2(
                 Convert.FromBase64String(certificateBase64),
                 password,
                 x509KeyStorageFlags);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
         }
     }
 }
diff --git a/src/Microsoft.Identity.Web.Certificate/FromPathCertificateLoader.cs b/src/Microsoft.Identity.Web.Certificate/FromPathCertificateLoader.cs
index eb86974ae..de428f8e1 100644
--- a/src/Microsoft.Identity.Web.Certificate/FromPathCertificateLoader.cs
+++ b/src/Microsoft.Identity.Web.Certificate/FromPathCertificateLoader.cs
@@ -26,10 +26,12 @@ private static X509Certificate2 LoadFromPath(
         {
             X509KeyStorageFlags x509KeyStorageFlags = CertificateLoaderHelper.DetermineX509KeyStorageFlag();
 
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
             return new X509Certificate2(
                 certificateFileName,
                 password,
                 x509KeyStorageFlags);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
         }
     }
 }
diff --git a/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs b/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
index 485a18feb..e25822248 100644
--- a/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
+++ b/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
@@ -98,10 +98,12 @@ public async Task LoadIfNeededAsync(CredentialDescription credentialDescription,
             // Return a certificate with only the public key if the private key is not exportable.
             if (certificate.Policy?.Exportable != true)
             {
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
                 return new X509Certificate2(
                     certificate.Cer,
                     (string?)null,
                     x509KeyStorageFlags);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
             }
 
             // Parse the secret ID and version to retrieve the private key.
diff --git a/tests/E2E Tests/TokenAcquirerTests/CertificateRotationTest.cs b/tests/E2E Tests/TokenAcquirerTests/CertificateRotationTest.cs
index 290b9c46b..655c05331 100644
--- a/tests/E2E Tests/TokenAcquirerTests/CertificateRotationTest.cs	
+++ b/tests/E2E Tests/TokenAcquirerTests/CertificateRotationTest.cs	
@@ -271,7 +271,9 @@ private X509Certificate2 CreateSelfSignedCertificateAddAddToCertStore(string cer
             var cert = req.CreateSelfSigned(notBefore.HasValue ? notBefore.Value : DateTimeOffset.Now, expiry);
 
             byte[] bytes = cert.Export(X509ContentType.Pfx, (string?)null);
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
             X509Certificate2 certWithPrivateKey = new(bytes);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
 
             // Add it to the local cert store.
             X509Store x509Store = new(StoreName.My, StoreLocation.CurrentUser);
diff --git a/tests/Microsoft.Identity.Web.Test/Certificates/CertificateDescriptionTests.cs b/tests/Microsoft.Identity.Web.Test/Certificates/CertificateDescriptionTests.cs
index 143fac03a..958dcfd4b 100644
--- a/tests/Microsoft.Identity.Web.Test/Certificates/CertificateDescriptionTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/Certificates/CertificateDescriptionTests.cs
@@ -78,7 +78,9 @@ public void TestFromStoreWithThumbprint(string certificateThumbprint, StoreLocat
         [Fact]
         public void TestFromCertificate()
         {
-            using X509Certificate2 certificate2 = new X509Certificate2(new byte[0]);
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
+            using X509Certificate2 certificate2 = new([]);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
             CertificateDescription certificateDescription =
                 CertificateDescription.FromCertificate(certificate2);
         }
diff --git a/tests/Microsoft.Identity.Web.Test/MsAuth10AtPopTests.cs b/tests/Microsoft.Identity.Web.Test/MsAuth10AtPopTests.cs
index e99c6ffae..4473a429c 100644
--- a/tests/Microsoft.Identity.Web.Test/MsAuth10AtPopTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/MsAuth10AtPopTests.cs
@@ -80,7 +80,9 @@ public void MsAuth10AtPop_ThrowsWithNullPopKeyTest()
         {
             // Arrange
             IConfidentialClientApplication app = CreateBuilder();
-            var clientCertificate = new X509Certificate2(new byte[0]);
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
+            using X509Certificate2 clientCertificate = new([]);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
             var jwkClaim = "jwk_claim";
             var clientId = "client_id";
 
@@ -99,7 +101,9 @@ public void MsAuth10AtPop_ThrowsWithNullJwkClaimTest()
         {
             // Arrange
             IConfidentialClientApplication app = CreateBuilder();
-            var clientCertificate = new X509Certificate2(new byte[0]);
+#pragma warning disable SYSLIB0057 // Type or member is obsolete
+            using X509Certificate2 clientCertificate = new([]);
+#pragma warning restore SYSLIB0057 // Type or member is obsolete
             var popPublicKey = "pop_key";
             var clientId = "client_id";
 
diff --git a/tests/Microsoft.Identity.Web.Test/Resource/JwtBearerEventsClaimsValidationTests.cs b/tests/Microsoft.Identity.Web.Test/Resource/JwtBearerEventsClaimsValidationTests.cs
index 93cf558f6..89f73304a 100644
--- a/tests/Microsoft.Identity.Web.Test/Resource/JwtBearerEventsClaimsValidationTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/Resource/JwtBearerEventsClaimsValidationTests.cs
@@ -52,7 +52,7 @@ protected override HttpContext CreateHttpContext()
         [Fact]
         public async Task TokenValidated_MissingScopesAndRoles_AuthenticationFailsAsync()
         {
-            Assert.True(_tokenContext.Result.Succeeded);
+            Assert.True(_tokenContext.Result!.Succeeded);
             await _jwtEvents.TokenValidated(_tokenContext);
             Assert.False(_tokenContext.Result.Succeeded);
         }
@@ -68,7 +68,7 @@ protected override HttpContext CreateHttpContext()
         [Fact]
         public async Task TokenValidated_WithScopesAndRoles_AuthenticationSucceedsAsync()
         {
-            Assert.True(_tokenContext.Result.Succeeded);
+            Assert.True(_tokenContext.Result!.Succeeded);
             await _jwtEvents.TokenValidated(_tokenContext);
             Assert.True(_tokenContext.Result.Succeeded);
         }